FC Barcelona Twitter Account Hacked, Again, By the Same Group

The Twitter account of FC Barcelona has been hacked by the OurMine group, who had time enough to post sensitive information, seemingly taken from private messages.

After OurMine took control of the account, they said private messages on the platform indicate Neymar might be returning to the team. The footballer left FC Barcelona in 2017, so it would be big news if he returned, not to mention that this would be the worst way to make such an important announcement.

Losing access to Twitter accounts is nothing new for individuals or companies. Accounts are usually taken over via a technique called credential stuffing. Companies and large organizations use analytic tools that allow them to better measure the impact of their posts. Such third-party tools don’t have the same kind of security, and usually have direct access to the account.

Hackers get a hold of user names and passwords through various leaks, then try them on various services. A bad tendency among people to reuse credentials on multiple online services doesn’t help. Of course, the use of a multi-factor authentication solution would have been great, but it’s unclear whether such protection was deployed.

“FC Barcelona’s Twitter accounts have been hacked, which is why messages from outside our club have appeared, and which have been reported and deleted. The tweets were made through a third-party tool for data analytics,” the club wrote on Twitter.

“FC Barcelona will conduct a cybersecurity audit and will review all protocols and links with third-party tools, in order to avoid such incidents and to guarantee the best service to our members and fans,” it said. “We apologize for any inconvenience this situation may have caused.”

As you might have noticed, they said nothing about the supposedly leaked information, which is actually the best you can do in these situations, whether it was true or not. Furthermore, this is the second time this has happened. The previous time was in 2017 — by the same group.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Silviu STAHIE. Read the original post at: